Main office has 2 ISPs, branch office has 2 ISPs. Need BOVPN to failover/failback.
Main office has 2 ISPs, branch office has 2 ISPs. Both are set in failover mode. I previously set up a BOVPN with 1 Gateway and 1 Tunnel to link the two offices. Recently, the main office's primary ISP has been failing due to storms in the area. While users are still able to work since the Firebox flips to the backup ISP, the VPN goes down and the branch office can no longer access the shares at the main office. How would I set up redundant VPN connections at both offices?
Comments
You can add a secondary Gateway IP for each BOVPN.
Configure VPN Failover
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/bovpn/manual/vpn_failover_about_c.html
Thanks guys. I added multiple Gateway Endpoints and matched the article to the T. I then power cycled the main ISP at the main office (Deerfield, IL) and I can no longer connect to the branch office (Chicago, IL). It takes the main ISP about 4 minutes to come back online, so I think that's enough time for the tunnel to reconnect over the next available gateway, but I can't even ping the branch office WatchGuard the entire time the main ISP is down. Below are screenshots of my configs and WSM status during the outage. I don't get it. I just need these little XTMs to work until August when I'll be putting in T35s. It's not usage as there are 7 employees across both offices and none there on weekends when I'm testing.
As it appears that you have set this up correctly, you should open a support incident to get WG help in resolving this.